<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1" %>
<%@ page import="javax.mail.*" %>
<%@ page import="javax.mail.internet.*" %>
<%@ page import="java.util.*" %>
<%@ page import="java.sql.*" %> 
<%@ page import="java.lang.*" %> 
<%@ page import="java.io.*" %> 
<%
try {
String connectionURL = "jdbc:mysql://webproject2.cse.ust.hk/BookwarmMobile?user=BookwarmMobile&password=bookwarm"; 

Connection connection = null; 

Class.forName("com.mysql.jdbc.Driver").newInstance(); 

connection = DriverManager.getConnection(connectionURL);

if(!connection.isClosed()) {
String newAccountName = null;
String oldPassword = null;
String newPassword  = null;

newAccountName = request.getParameter("username");
oldPassword = request.getParameter("oldpassword");
newPassword = request.getParameter("newpassword");

int count_record = 0;
Statement statement0 = null;
ResultSet rs0 = null;
statement0 = connection.createStatement();
String query0 = "SELECT * FROM Users WHERE AccountName = '" + newAccountName + "' AND Password = '" + oldPassword + "';";
rs0 = statement0.executeQuery(query0);
while(rs0.next()) {
count_record++;

}
statement0.close();

if(count_record != 0) {
int count_update = 0;
Statement statement1 = null;
statement1 = connection.createStatement();
String query1 = "UPDATE Users SET Password = '" + newPassword + "' WHERE AccountName = '" + newAccountName + "';";
count_update = statement1.executeUpdate(query1, Statement.NO_GENERATED_KEYS);
statement1.close();

if(count_update != 0) {
out.print("change_password_successful");

String host="smtp.gmail.com", user="bookwarm.comp3111h@gmail.com", pass="bookwarmmobile";String SSL_FACTORY = "javax.net.ssl.SSLSocketFactory";
String to = newAccountName;
String from = "bookwarm.comp3111h@gmail.com"; 
String subject = "BookwarmMobile - Password Change Confirmation";
String messageText = "<p>This email is to confirm your recent password change to access our service.</p><p>For your security, please change your password on a regular basis and keep your password safe. You will be asked to enter your user name and password each time you sign on to the site.</p><p>Thank you for using BookwarmMobile.</p>";
boolean sessionDebug = true;
Properties props = System.getProperties();
props.put("mail.host", host);
props.put("mail.transport.protocol.", "smtp");
props.put("mail.smtp.auth", "true");
props.put("mail.smtp.", "true");
props.put("mail.smtp.port", "465");
props.put("mail.smtp.socketFactory.fallback", "false");
props.put("mail.smtp.socketFactory.class", SSL_FACTORY);
Session mailSession = Session.getDefaultInstance(props, null);
mailSession.setDebug(sessionDebug);
Message msg = new MimeMessage(mailSession);
msg.setFrom(new InternetAddress(from));
InternetAddress[] address = {new InternetAddress(to)};
msg.setRecipients(Message.RecipientType.TO, address);
msg.setSubject(subject);
msg.setContent(messageText, "text/html"); 
Transport transport = mailSession.getTransport("smtp");
transport.connect(host, user, pass);

try {
transport.sendMessage(msg, msg.getAllRecipients());

}
catch (Exception err) {
out.println(err.getMessage());

}

transport.close();

}
else {
out.print("change_password_failed");

}

}
else {
out.print("no_user_found");

}

}

connection.close();

}
catch(Exception ex){
out.print(ex);

}
%>